ucphhpc · jonasbardino · Jul 4, 2025 · Jul 4, 2025
diff --git a/mig/shared/defaults.py b/mig/shared/defaults.py
@@ -1,3 +1,3 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 #
@@ -20,7 +20,7 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 #
 # -- END_HEADER ---
 #
@@ -33,8 +33,8 @@
 import os
 import sys

 MIG_BASE = os.path.realpath(os.path.join(os.path.dirname(__file__), '../..'))
 MIG_ENV = os.getenv('MIG_ENV', 'default')

 # NOTE: python3 switched strings to use unicode by default in contrast to bytes
 #       in python2. File systems remain with utf8 however so we need to
@@ -42,13 +42,13 @@
 #       to unicode depending on the python used.
 #       Please refer to the helpers in shared.base for actual handling of it.
 if sys.version_info[0] >= 3:
    default_str_coding = 'unicode'
    default_fs_coding = 'utf8'
 else:
    default_str_coding = 'utf8'
    default_fs_coding = 'utf8'

 CODING_KINDS = (STR_KIND, FS_KIND) = ('__STR__', '__FS__')

 # IMPORTANT: do NOT import anything except native python modules/functions here
 #            to avoid import loops
@@ -78,7 +78,7 @@
 any_protocol = keyword_any
 any_state = keyword_any

 AUTH_NONE, AUTH_GENERIC, AUTH_CERTIFICATE = "None", "Generic", "X.509 Certificate"
 AUTH_OPENID_CONNECT, AUTH_OPENID_V2 = "OpenID Connect", "OpenID 2.0"

 AUTH_MIG_OID = "Site %s" % AUTH_OPENID_V2
@@ -173,13 +173,13 @@
    'freeotp': {'name': 'FreeOTP',
                'url': 'https://freeotp.github.io/'},
    'yubico': {'name': 'Yubico Authenticator',
               'url': 'https://www.yubico.com/products/yubico-authenticator/#h-download-yubico-authenticator'},
    'bitwarden': {'name': 'Bitwarden',
                  'url': 'https://bitwarden.com/download/'},
    'microfocus': {'name': 'NetIQ Advanced Authentication',
                   'url': 'https://www.microfocus.com/en-us/products/netiq-advanced-authentication/overview'},
    'microsoft': {'name': 'Microsoft Authenticator',
                  'url': 'https://www.microsoft.com/en-us/security/mobile-authenticator-app'},
 }

 # Sharelink format helpers
@@ -270,7 +270,7 @@
 # can't let users edit them because it would result in arbitrary code execution
 # holes.
 #
 # IMPORTANT: please use the invisible_{path,file,dir} helpers from mig.shared.base
 #            instead of using these variables directly.
 _dot_vgrid = ['.vgrid%s' % i for i in ['wiki', 'scm', 'tracker', 'forum']]
 _protected_dirs = [trash_destdir]
@@ -373,7 +373,7 @@
 # 0|~/mig > ./codegrep.py safe_handler|grep import|sort|awk '{ print $1; }'| \
 #               sed 's@.*/functionality/\(.*\).py:from@\\"\1\\",@g'|xargs
 csrf_backends = [
    "addresowner", "addvgridmember", "addvgridowner", "addvgridres", "addvgridtrigger", "autocreate", "chksum", "cleanallstores", "cleanexe", "cleanfe", "cleanstore", "cp", "createfreeze", "createre", "createvgrid", "datatransfer", "deletefreeze", "deletere", "delres", "editfile", "extcertaction", "extoidaction", "imagepreview", "jobaction", "jobfeasible", "jobobjsubmit", "jobschedule", "liveio", "mkdir", "mqueue", "mv", "pack", "rejectresreq", "rejectvgridreq", "reqcertaction", "reseditaction", "restartallexes", "restartallstores", "restartexe", "restartfe", "restartstore", "resubmit", "rmdir", "rm", "rmresowner", "rmvgridmember", "rmvgridowner", "rmvgridres", "rmvgridtrigger", "scripts", "sendrequestaction", "settingsaction", "sharelink", "sssadmin", "ssscreateimg", "stopallexes", "stopallstores", "stopexe", "stopfe", "stopstore", "submitfields", "submit", "tar", "testresupport", "textarea", "touch", "truncate", "unpack", "untar", "unzip", "updateresconfig", "updatevgrid", "uploadchunked", "upload", "vgridforum", "vgridsettings", "vmachines", "zip",
 ]

 # freeze archive flavor
@@ -451,9 +451,9 @@
 # ciphers.
 # On older versions of OpenSSL, unavailable ciphers will be discarded
 # automatically.
 STRONG_TLS_CIPHERS = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
 # NOTE: keep the previous list around in case of problems e.g. with IO clients
 STRONG_TLS_LEGACY_CIPHERS = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES:CAMELLIA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!SEED:!IDEA:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!DES-CBC3-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:!CAMELLIA256-SHA:!CAMELLIA128-SHA"
 # TODO: enforce curve order in Apache (2.4.8+), too?
 #       https://superuser.com/questions/964907/apache-and-ecc-curve-order
 # TODO: add curve 'X25519' as first choice once we reach openssl-1.1?
@@ -463,7 +463,8 @@
 # to allow in OpenSSH and native Paramiko SFTP daemons (on OpenSSH format).
 # NOTE: harden in line with Mozilla recommendations for modern versions:
 # https://wiki.mozilla.org/Security/Guidelines/OpenSSH#Configuration
-# Additional hardening based on https://github.com/arthepsy/ssh-audit
+# Additional hardening based on https://github.com/arthepsy/ssh-audit and
+# https://www.sshaudit.com/hardening_guides.html
 # Please note that the DH GroupX KexAlgorithms require OpenSSH 7.3+, but that
 # older versions can relatively safely fall back to instead use the
 # diffie-hellman-group-exchange-sha256 as long as the moduli tuning from
@@ -480,16 +481,16 @@
 STRONG_SSH_HOSTKEYALGOS = "ssh-ed25519,rsa-sha2-512,rsa-sha2-256"
 LEGACY_SSH_HOSTKEYALGOS = ",".join([STRONG_SSH_HOSTKEYALGOS, "ssh-rsa"])
 FALLBACK_SSH_HOSTKEYALGOS = LEGACY_SSH_HOSTKEYALGOS
-STRONG_SSH_KEXALGOS = "curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512"
+STRONG_SSH_KEXALGOS = "sntrup761x25519-sha512@openssh.com,curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512"
 # NOTE: fall back to relatively safe DH group-exchange-sha256 on old paramiko etc.
 LEGACY_SSH_KEXALGOS = ",".join([STRONG_SSH_KEXALGOS,
                                 "diffie-hellman-group-exchange-sha256"])
 FALLBACK_SSH_KEXALGOS = LEGACY_SSH_KEXALGOS
-STRONG_SSH_CIPHERS = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"
+STRONG_SSH_CIPHERS = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-gcm@openssh.com,aes128-ctr"
 # NOTE: avoid chacha20-poly1305@openssh.com to mitigate Terrapin issue on old servers
-LEGACY_SSH_CIPHERS = "aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"
+LEGACY_SSH_CIPHERS = "aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-gcm@openssh.com,aes128-ctr"
 FALLBACK_SSH_CIPHERS = LEGACY_SSH_CIPHERS
-STRONG_SSH_MACS = "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com"
+STRONG_SSH_MACS = "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com"
 LEGACY_SSH_MACS = STRONG_SSH_MACS
 # NOTE: fall back to safe MACS with the best possible alternatives on ancient paramiko
 #       to avoid falling back to really bad ones

diff --git a/tests/fixture/confs-stdlocal/sshd_config-MiG-sftp-subsys b/tests/fixture/confs-stdlocal/sshd_config-MiG-sftp-subsys
@@ -39,9 +39,9 @@ HostKey /home/mig/certs//server.key
 # IMPORTANT: these are *generated* hardened values based on generateconf
 # invocation. Any permanent changes need to be made there.
 HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
-KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256
-Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
+KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256@libssh.org,curve25519-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256
+Ciphers aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-gcm@openssh.com,aes128-ctr
+MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com
 
 # Logging
 # obsoletes QuietMode and FascistLogging